Manage your Information Security holistically
Always keep an overview of the most important key figures, security incidents, open tasks and the latest changes made by your colleagues.
A central thread for your Information Security Management
Increase the efficiency of your compliance management with the clear illustration of dependencies and the use of synergy effects.Learn more
Collect and manage your assets using Akarion's pre-built methodology or flexibly adapt the module to existing practices.Learn more
Identify risks and document treatment measures. Critical assets and processes can be identified within the module at a glance.Learn more
Get a detailed overview of your information security management and create even extensive reports quickly and easily.Learn more
Meet standards and use
Import and maintain common standard and control sets and map them to each other.
Document and protect information
values and processes
Collect your primary assets and define the appropriate protection requirements.
Illustrate connections clearly
Define dependencies between different processes, assets and their protection requirements.
Adapt risk assessments to
Personalize protection objectives, risk matrices, legend texts and much more.
Make threats comprehensible and
traceable with graphs
The Information Security Module automatically generates interactive graphs based on your specifications.
Set automatable reminders for
Set parameters that trigger automatic notifications when met.
The Information Security Module contains a pre-built methodology for gathering secondary assets and managing their corresponding risks.
In the course of this 3-step approach, which is based on the ISO 27005 standard, all the information collected - such as risks and measures - is passed on to the next level to enable a more efficient way of working. Of course, the documentation of your assets can also be carried out in less detail.
Typification of supporting assets
At the first level, you determine which types of supporting assets are present in your organization, thus creating the framework for detailed surveys. To do this, you can select appropriate templates from the ISO 27005 standard, such as hardware, locations or people, or define your own asset types.
This subdivision enables a global risk survey and analysis to be carried out at a later date, in which all the risks relating to a certain type of asset can be viewed and treated in a bundled manner.
Definition of relevant categories
The second step is to divide the defined asset types into categories by considering differences in the way data and information is processed or other properties. For this purpose, you list, for example, the different hardware (e.g. mobile devices, mobile storage media, peripheral devices, etc.) you are using.
This granular classification subsequently enables a finer risk assessment and thus also a more targeted and thus more effective treatment.
Definition of concrete assets
Finally, on the third level, you gather and look at specific supporting assets, such as your sales employee's laptops, the printer stationed in the office, or your accountant's office. This allows you to evaluate the specific protection needs and risks of each asset.
This approach allows you to take resource-saving and precise measures to protect your supporting assets.
The procedure is based on recommendations of ISO27005 and can be adapted to other standards.
Risks that affect all supporting assets of a certaintype (e.g. fire hazard) need only be handled once.
Flexible Level of Detail
The methodology provides guidance, but can be adapted. It is not mandatory to go through all the levels.
Risk Analysis and Treatment
Evaluation of Risks
Make use of a comprehensive template catalog when gathering and documenting hazards.
Treatment of Risks
Describe the measures you have taken to prevent hazards and the effects they have on the risks.
Visualization of your Compliance Infrastructure
Illustration of Dependencies in
the Visual Explorer
Identify critical assets and processes thanks to a clear visualization of the inheritance of protection requirements.
Synergy Effects with
BCM and Data Protection
Use the entered data across all modules of the Compliance Cloud for a more effective management of your IT compliance.
Monitoring and Reporting
Track the introduction and improvement of measures. Open points can be coordinated via the internal task management.
Review real time key figures on your dashboard. Reports on the current implementation status can be generated individually at any time.
Help with Standards
Get support in the creation of regulatory documents (e.g. the Statement of Applicability) by importing control catalogs such as ISO27001 in order to comply with their required content structure.
Developed with renowned Experts
When developing products, we involve IT security officers, auditors, lawyers and other qualified experts right from the start.
What our customers say
Modules that might interest you
Manage and document privacy-related processes, gain an overview of the flow of personal data in your organization and implement data protection regulations easily using a wide range of templates and workflow automations.Learn more
Ensure that your processes continue to run even in the case of an emergency. Define responsibilities and document measures in order to systematically restore operational procedures during a malfunction.Send request
Audits & Internal Revision
Easily check and document your current compliance status by using a variety of customizable questionnaires. If necessary, you can manage your audit process remotely as well.Send request